NAME

       pkcs1-conv - convert keys from PKCS#1 format to s-expression format

SYNOPSIS

       pkcs1-conv [{--private-rsa-key|--public-rsa-key|--public-key-info} [--base-64]] < FILE

DESCRIPTION

       This  manual  page documents briefly the pkcs1-conv command.  This manual page was written for the Debian
       GNU/Linux distribution because the original program does not have a manual page.

       pkcs1-conv converts private and public RSA keys from PKCS #1 format to sexp format.

OPTIONS

       This program follows the usual GNU command line syntax, with long options starting with two dashes (`-').

       By default pkcs1-conv expects a PEM-encapsulated RSA key on standard input, and will determine  its  type
       from  the  Pre-Encapsulation  Boundary.  To convert a DER-encoded (non PEM-encoded) key, one of the first
       three options below must be used:

       --private-rsa-key
              Specify that a DER-encoded RSAPrivateKey, as defined by PKCS  #1  (RFC  3447),  and  described  in
              section A.1.2 of its appendix A, is to be expected as input.

       --public-rsa-key
              Specify  that  a  DER-encoded  RSAPublicKey,  as  defined  by PKCS #1 (RFC 3447), and described in
              section A.1.1 of its appendix A, is to be expected as input.

       --public-key-info
              Specify that a DER-encoded SubjectPublicKeyInfo, as defined by PKCS #6, and described  in  section
              A.1 of its appendix A, encapsulating an RSAPublicKey, is to be expected as input.

       --base-64
              Together  with  --private-rsa-key,  --public-rsa-key,  or  --public-key-info,  specify that base64
              encoding is applied on top of the DER encoding.

       -?, --help
              Show summary of options (not implemented).

       -V, --version
              Show version of program.

DIAGNOSTICS

       pkcs1-conv will complain and exit with a status of 1 if the input doesn't match expectations. In PEM mode
       (when  no  option is used), if no PEM block is found, pkcs1-conv will output nothing but exit with a zero
       status.

EXAMPLES

       $ openssl genrsa -out privkey.pem
       $ pkcs1-conv < privkey.pem > privkey.sexp
       $ openssl rsa -in privkey.pem -outform DER -out privkey.der
       $ openssl rsa -in privkey.pem -outform DER -pubout -out pubkey.der
       $ pkcs1-conv --rsa-private-key < privkey.der > privkey.sexp
       $ pkcs1-conv --public-key-info < pubkey.der > pubkey.sexp

SEE ALSO

       ssh-conv(1), sexp-conv(1), rsa(1SSL), genrsa(1SSL), RFC 3447.

AUTHOR

       This manual page was written by Magnus Holmgren <holmgren@debian.org> for  the  Debian  GNU/Linux  system
       (but may be used by others).

COPYRIGHT

       Copyright © 2007 Magnus Holmgren.

       Copying  and distribution of this file, with or without modification, are permitted in any medium without
       royalty provided the copyright notice and this notice are preserved.